Volvo Cars discloses security breach leading to R&D data theft

Image: Adam Cai

Swedish carmaker Volvo Cars has disclosed that unknown attackers have stolen research and development information after hacking some of its servers.

“​Volvo Cars has become aware that one of its file repositories has been illegally accessed by a third party,” the company disclosed today.

“Investigations so far confirm that a limited amount of the company’s R&D property has been stolen during the intrusion. Volvo Cars has earlier today concluded, based on information available, that there may be an impact on the company’s operation.”​​​​​​

Volvo said it notified relevant authorities after discovering the incident and is now investigating the data theft together with third-party experts.

“The company does not see, with currently available information, that this has an impact on the safety or security of its customers’ cars or their personal data,” Volvo added.

Attack claimed by Snatch ransomware

While the company did not disclose any other details on the breach, the Snatch ransomware gang has already claimed the attack.

The ransomware added an entry on their data leak site on November 30 about breaching Volvo Car Corporation’s servers and stealing files during the intrusion, together with screenshots of the stolen files as proof.

Since then, Snatch has also leaked 35.9 MB of what they claim to be documents stolen from Volvo’s servers during the intrusion.

Snatch Volvo leak page
Volvo leak page on Snatch’s leak site (BleepingComputer)

The company refused to comment after BleepingComputer reached out to Volvo on December 1 for more details regarding the attack claimed by Snatch.

“Volvo Cars does not comment on speculation about potential cyber security attacks but takes all potential threats to its cyber security and thefts of its property seriously,” Volvo said.

“Cyber security is an integral part and a top priority of our global development work and operations. Volvo Cars actively participates in and contributes to the international work on standardisation and best practices, and apply industry-accepted recommendations on cyber security.”

When BleepingComputer emailed back and asked Volvo to confirm if the screenshots shared as proof by the ransomware gang are of files stolen from its servers, a Volvo spokesperson replied with “We cannot comment any further.”

Source: www.bleepingcomputer.com